GIAC Exam GSNA Topic 1 Question 13 Discussion

Actual exam question for GIAC's GIAC Systems and Network Auditor exam

Question #: 13
Topic #: 1

Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?

A149 and 133

B203 and 333

C139 and 445

D198 and 173

Show Suggested Answer

Suggested Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate

read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \\IP address_or_host name\ipc$ '' '/user:'

net use

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.

by Merlyn at May 04, 2022, 12:54 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!